Security on the Desktop Fighting the Enemy Within GovTechNet 99-15 June 99 Army Research Laboratory Adelphi Lab Center (ARL-ALC) LTC Paul Walczak (301) 394-3862 DSN 290 [email protected]


Security on the Desktop: Fighting the Enemy Within

GovTechNet 99 - 15 June 99

Army Research Laboratory

Adelphi Lab Center (ARL-ALC)

LTC Paul Walczak (301) 394-3862 DSN [email protected]

Form SF298 Citation Data

Report Date ("DD MON YYYY") 15061999

Report Type N/A

Dates Covered (from... to) ("DD MON YYYY")

Title and Subtitle Security on the Desktop Fighting the Enemy Within

Contract or Grant Number

Program Element Number

Authors Project Number

Task Number

Work Unit Number

Performing Organization Name(s) and Address(es) Army Research Laboratory Adelphi Lab Center (ARL-ALC)

Performing Organization Number(s)

Sponsoring/Monitoring Agency Name(s) and Address(es) Monitoring Agency Acronym

Monitoring Agency Report Number(s)

Distribution/Availability Statement Approved for public release, distribution unlimited

Supplementary Notes

Abstract

Subject Terms

Document Classification unclassified

Classification of SF298 unclassified

Classification of Abstract unclassified

Limitation of Abstract unlimited

Number of Pages 10


REPORT DOCUMENTATION PAGE

Form Approved OMB No. 074-0188

Public reporting burden for this collection of information is estimated to average 1 hour per response, including the time for reviewing instructions, searching existing data sources, gathering and maintaining the data needed, and completing and reviewing this collection of information. Send comments regarding this burden estimate or any other aspect of this collection of information, including suggestions for reducing this burden to Washington Headquarters Services, Directorate for Information Operations and Reports, 1215 Jefferson Davis Highway, Suite 1204, Arlington, VA 22202-4302, and to the Office of Management and Budget, Paperwork Reduction Project (0704-0188), Washington, DC 20503

1. AGENCY USE ONLY (Leave blank)

2. REPORT DATE

6/15/99

3. REPORT TYPE AND DATES COVERED

Briefing

4. TITLE AND SUBTITLE

Security on the Desktop, Fighting the Enemy Within

5. FUNDING NUMBERS

6. AUTHOR(S)

LtCol Paul Walczak

7. PERFORMING ORGANIZATION NAME(S) AND ADDRESS(ES)

IATAC, Information Assurance Technology Analysis Center, 3190 Fairview Park Drive, Falls Church VA 22042

8. PERFORMING ORGANIZATION REPORT NUMBER

9. SPONSORING / MONITORING AGENCY NAME(S) AND ADDRESS(ES)

Defense Technical Information Center, DTIC-IA, 8725 John J. Kingman Rd, Suite 944, Ft. Belvoir, VA 22060

10. SPONSORING / MONITORING AGENCY REPORT NUMBER

11. SUPPLEMENTARY NOTES

12a. DISTRIBUTION / AVAILABILITY STATEMENT

A

12b. DISTRIBUTION CODE

13. ABSTRACT (Maximum 200 Words)

This briefing entitled “Security on the Desktop: Fighting the Enemy Within” was presented by LTC Paul Walczak, of the Army Research Laboratory to GovTechNet 99 in June 1999. It examines the scope of the challenges of securing Army information and information networks and provides some examination of some of the INFOSEC research areas that will tackle this problem.

14. SUBJECT TERMS

INFOSEC

15. NUMBER OF PAGES

16. PRICE CODE

17. SECURITY CLASSIFICATION OF REPORT

Unclassified

18. SECURITY CLASSIFICATION OF THIS PAGE

UNCLASSIFIED

19. SECURITY CLASSIFICATION OF ABSTRACT

UNCLASSIFIED

20. LIMITATION OF ABSTRACT

None

Slide Courtesy of US Army PEOC3S


U.S. Army Near Term Requirements

FDD Division Chart

MANEUVER: MCS (2), FBCB2 (1), M1A2SEP (28), M2/M3A3 (31), LANDWAR, LRAS3 (45), C2V (21), MFCS, BCIS, FSCS, A2C2S (50), AH64-D (29), OH58D (51), AMPS (52), RAH-66

INTEL: ASAS (3), TUAV (49), AQF (48), CGS/GSM (22), GBCS-H (23), IMETS (24), TROJAN (25), MITT/DTES (26)

FIRE SPT: AFATDS (4), PALADIN (33), MLRS (38), LLDR (53), STRIKER (35), BFIST (47), CRUSADER

ADA: FAADC2 (5), AVENGER (34), STC, LINEBACKER (39), SENTINEL (40), *JTIDS (32)

MOB / SURV: DTSS (16), WOLVERINE (46), M93 A1 FOX (37), GRIZZLY, IMF, JWARN

LOGISTICS: CSSCS (6), *GCSS-A (30), MTS (19), RF TAGS (17), *TMT (41), *FRS-H, DVE

C2: SINCGARS-SIP (7), EPLRS-VHSIC (8), *NTDR (9), WIN-T (10), ATM/FSEN, HCLOS, SPITFIRE (12), SMART-T (13), GBS (14), ISYSCON (15), *TOCS (11), DMS (20), FDR (34), ACN, PCS

Additional Integration Requirements: Architecture, Security, CTSF, Systems Integration, Training, & Collaborative Planning tools

XX Based on 00/04 Fielding

Send & Receive Orders

Situational Awareness

Common Relevant Picture

Logistics Management

Slide Courtesy of US Army CECOM I2WD

U.S. Army Objective Requirements

ABCS Systems/Networks Chart

MCS

CSSCS

GCCS-A DTSS

FAAD C2

ASAS

AFATDS

FBCB2

IMETS

GCCS-A Interop: AIBS-army-96, FAISA-army-97, IMETS-army-97-98, ISYSCON-army-U, TARSTAT-army-97-98, AMSAA-joint-96, APC-joint-96, ASAS-joint-97, ATCOM-joint-96, AWDS-joint-97, CASCOM-joint-96, CTAPS/TBCMS-joint-97, DAMO-ODR-joint-96, DES-joint-96, DLA/ICIS-joint-96, GCCS/GSORTS-joint-98, GCCS/GSRDI-joint-98, GCCS/JOPES-joint-98, IOC-joint-96, ISC-P-joint-96, JTAV-joint-97, LOGSA-joint-96, MCS-joint-96, PERSCOM-joint-96, RAMS-joint-96, REQVAL-joint-96, SAMAS-joint-96, TAV-joint-96

MCS Interop: AGCCS-army-96, DTSS-army-96, LFCS-army-97, CTAPS-joint-97, JMCIS-joint-98, JStarsCGS-joint-98, TCO-joint-98, AUSTACCS-allied-98, HEROS-allied-96, LFCCIS-allied-97, QIFS-allied-98, SIACCON-allied-98, SCIF-allied-96

IMETS Interop: GPS-army-, MMS-army-, UAV-army-, JSTARS CGS-joint

CSSCS Interop: DAMM-R-army-99, ICS3-army-99, SAAS/MOD-army-99, SAMS/2-army-99, SARSS/1-army-97, SARSS/2AD-army-98, SIDPERS/2.75-army-97, SIDPERS-3.army-98, SPRS/R-army-97, TAMMIS-army-98, ULLS/S4-army-98

Legend: example: JMCIS-joint-98

System

Implementation Year (U=Unscheduled)

Interface Level: Allied, Army, Joint

FBCBS Interop: A2C2S-army-99, BCIS-army-, KIOWA-army-U, LVRS-army-U, M1A2 SEP-army-, M2A3-army-, MICAD-NBCRS-army, Paladin-AFCS, PLGR-army-97, LandWarrior-army

DTSS Interop: FAST-joint-, JSTARS CGS-joint-, MITT-joint-

FAAD C2 Interop: LLAPI-allied-95, GBS Radar-army-94, HIMAD-army-94, LSDIS Radar-army-97, TIBS-army-U, AWACS-joint-93, Hawkeye-joint-93

AFATDS Interop: ATHS-army-97, BCS-army-97, FBCB2-army-00, FDS-army-97, Firefinder (q-36)-army-97, FIST DMD-army-97, FOCC-army-97, FOS-army-98, IDM-army-99, IFSAS-army-97, LtacFire-army-97, MBC-army-97, MDS-army-97, MFCS-army-99, MMS-army-97, UAV/TS/00-army-U, AFATDS-joint-99 (MC), CTAPS/TBMCS-joint-98, IFSAS-joint-97 (MC), Jstars/CGS-joint-97, TacFire-01-joint-U (MC), ADLER-allied-98, ATLAS-allied-98, BATES-allied-98

ASAS Interop: Adv Quickfix-army-U, AMS-army-00, ARL-army-U, ATCAE-army-97, CTS/CTAPS-army-97, DAI-army-97, Enhan Trackworl-army-U, EPDS-army-97, ETRAC-army-U, ETUT-army-97, GBCS-army-U, Guardrail-army-97, IEWCS-army-U, IPF-army-97, MIES-army-97, MIIT-army-97, NGIC-army-U, NPIC-army-U, NSA-army-07, SSP/S-army-97, TEAMMATE-army-97, TES-army-97, THMT-army-97, TrafficJam-army97, Trailblazer-army-97, TRRIP-army-U, UAV GCS-army-97, UAV MPCS-army-97, CARS/TRIGS-joint-97, IAC-joint-97, JMCIS-joint-97, JstarsCGS-joint-97, NIPS-joint-97, TBCMS-joint-U, TCAC-joint-97, PASS-K-allied-U, RAPIDE-allied-97

Slide Courtesy of US Army CECOM I2WD


Partial View to Problem’s Scale

Army Information Systems 14,544

– Major Systems 1,219

• Mission Critical 638

• Other Major 581

– Other Systems (996 Web sites) 13,325

Information Technology Controlled Devices 444,196

– PCs/Servers 365,077

– Facilities & Other 42,048

– Communications Hardware/Software 7,071

Army IS Security Program (total funding) $ 87 million


Classes of Computer Misuse Techniques


Securing Systems at the Desktop

• Insider Misuse

• Development Practice

• Threat is Learning

• Warrior’s “desktop”

• Assurance >> Securing Systems

• Process and Culture

o Holistic interpretation

o Acquisition Strategy

o Education, Training

o Spectrum of Information

o Overarching concept for INFOSURV

o No silver bullets


Directions for INFOSURV R&D

• Robust networking protocols

• Requirements metrics

• Predictable systems composition

• Data analysis and correlation

• Dynamic system (re)configuration

• Dynamic adaptability

• Architectures

• Mobile code

• Components


INFOSEC Research Areas

1 - Security Engineering Methodologies

2 - Detecting Intrusion and Misuse

3 - Mobile, Foreign Code

4 - Controlled Sharing

5 - Denial of Service

6 - Application Security

7 - Communications Security

8 - Security in Mobile Environments

9 - Security Management Infrastructure